The EFF is working on an open wireless router firmware that’s designed to be a secure and flexible alternative to the existing software that runs on home and small business routers, much of which is notoriously insecure.
The Open Wireless Router project, which the organization announced at the HOPE X conference over the weekend, is in very early form at this point, but the EFF is hopeful that developers, hackers and security experts will lend their talents to the project and help improve it. The EFF has designed the firmware to help users share their networks with guests and co-workers while still providing a secured segment for themselves.
“We are offering this hacker alpha release to engage enthusiastic technical users who would like to help us test, develop, improve, and harden the Open Wireless Router. Currently the software runs on one specific model of hardware (the Netgear WNDR3800) and is based on the CeroWRT project,” the EFF said in a blog post announcing the project.
Among the features that the OpenWireless Router firmware includes are:
- Let you share a bounded portion of your bandwidth on the open network, so guest users cannot slow down your Internet connection or use a large portion of your monthly quota.2
- Provide state-of-the-art network queuing, so most users can expect an improved Internet experience—especially with latency-sensitive applications—compared to what commonly available consumer grade routers are delivering today.
One of the goals of the project is to provide better security than is available in most wireless router software. Cross-site scripting and cross-site request forgery vulnerabilities are quite common in wireless router firmware and attackers can exploit them to get access to the administrative functions of vulnerable routers. The Open Wireless Project includes some features to protect against XSS and CSRF attacks.
“We require a CSRF token with all POST requests in order to prevent CSRF. The CSRF token is a hash of the auth token so the two are bound together to prevent cookie forcing attacks. Validation of CSRF tokens is done in constant time. We generate the auth token using os.urandom(), a secure random number generator. Both the auth token and the CSRF token are sent to the browser as cookies, and the secure flag is set if user login is via HTTPS. The HttpOnly flag is set on the auth cookie so that an attacker with a temporary XSS cannot steal it,” the security documentation for the software says.
The EFF’s firmware is designed to run on just one router right now, the Netgear WNDR3800. The code for the software is available on GitHub.